Concerns are being raised globally as it pertains to the vulnerability of Wi-Fi connections of businesses and homes.
According to researchers these concerns stem from a major flaw code named Krack (Key Reinstallation Attack).
It largely concerns an authentication system which is widely used to secure wireless connections.
In essence, the security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks.
Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.
He said, “Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted.
“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.”
Vanhoef also emphasised that “the attack works against all modern protected wi-fi networks.
Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
The vulnerability affects a number of operating systems and devices, the report said, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others.
He added, “If your device supports wifi, it is most likely affected.
“In general, any data or information that the victim transmits can be decrypted … Additionally, depending on the device being used and the network setup, it is also possible to decrypt data sent towards the victim (e.g. the content of a website).”
In a statement released, the Britain’s National Cyber Security Centre said it was examining the vulnerability. “Research has been published today into potential global weaknesses to wifi systems. The attacker would have to be physically close to the target and the potential weaknesses would not compromise connections to secure websites, such as banking services or online shopping.
“We are examining the research and will be providing guidance if required. Internet security is a key NCSC priority and we continuously update our advice on issues such as wifi safety, device management and browser security.”
Also, the United States Computer Emergency Readiness Team (Cert) issued a warning on Sunday in response to the vulnerability.
“The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others,” the alert says, detailing a number of potential attacks. It adds that, since the vulnerability is in the protocol itself, rather than any specific device or software, “most or all correct implementations of the standard will be affected”.
Experts said it could leave “the majority” of connections at risk until they are patched.
The researchers added the attack method was “exceptionally devastating” for Android 6.0 or above and Linux.
A Google spokesperson said: “We’re aware of the issue, and we will be patching any affected devices in the coming weeks.”
While demystifying Krack, computer security expert from the University of Surrey Prof Alan Woodward explained, “When any device uses wi-fi to connect to, say, a router it does what is known as a “handshake”: it goes through a four-step dialogue, whereby the two devices agree a key to use to secure the data being passed (a “session key”).
“This attack begins by tricking a victim into reinstalling the live key by replaying a modified version of the original handshake. In doing this a number of important set-up values can be reset which can, for example, render certain elements of the encryption much weaker.
“This attacks appears to work on all wi-fis tested – prior to the patches currently being issued.
“In some it is possible to decrypt and inject data, enabling an attacker to hijack a connection. In others it is even worse as it is possible to forge a connection, which, as the researchers note, is “catastrophic”. He added.
The people this could be most problematic for are the internet service providers who have millions of routers in customers’ homes. It quite unsure how will they make sure all of them are secured.
1 Comment
Pingback: THREAT ALERT: Knack Hits WiFi Connections Globally | FIRSTPRESS